I'm planning this development environment with a few database servers, and originally thought I would have a few private networks. I then thought it might be unnecessary as the ESXi cluster already provides redundancy with 4 NICs (in my case) and should manage the network traffic pretty intelligently, right?

Two private networks

Zero private networks

What are the advantages/disadvantages between the two shown configurations - on an ESXi 4.1 host?

1 Answer
1

Private networks in a virtualized environment are not for providing redundancy. The advantage of private networks is that you can separate backend traffic from frontend traffic (e.g. traffic generated by users accessing a service). You would put only the frontend servers on the public network and connect frontend and backend servers via a private network. That removes one attack vector (direct access) from your backend servers, because an attacker would have to go through the frontend server(s) to be able to access the backend servers. If the private network uses a separate set of physical interfaces, you can also prevent frontend traffic from exhausting bandwidth of backend connections.
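The isolation argument in the answer above can be checked mechanically against a VM inventory. The following is an added example, not part of the original answer: the VM names, network labels and both inventories are constructed for illustration and are not taken from the question's diagrams, and it assumes that a host with vNICs on two networks does not forward traffic between them, so crossing it means compromising it.

```python
from collections import deque

# Constructed inventories (hypothetical names): VM -> (role, networks its vNICs attach to).
TWO_PRIVATE = {
    "web1": ("frontend", {"public", "private-a"}),
    "web2": ("frontend", {"public", "private-b"}),
    "db1": ("backend", {"private-a"}),
    "db2": ("backend", {"private-b"}),
}
ZERO_PRIVATE = {
    "web1": ("frontend", {"public"}),
    "web2": ("frontend", {"public"}),
    "db1": ("backend", {"public"}),
    "db2": ("backend", {"public"}),
}

def hops_from(inventory, entry_net="public"):
    """Breadth-first search over shared networks. Returns, per reachable VM,
    how many other hosts must be traversed first (0 = directly reachable)."""
    hops = {vm: 0 for vm, (_, nets) in inventory.items() if entry_net in nets}
    queue = deque(hops)
    while queue:
        cur = queue.popleft()
        for vm, (_, nets) in inventory.items():
            # Two VMs are neighbours when they share at least one network.
            if vm not in hops and nets & inventory[cur][1]:
                hops[vm] = hops[cur] + 1
                queue.append(vm)
    return hops

def audit(inventory, entry_net="public"):
    """Classify backend VMs by their exposure to traffic entering on entry_net."""
    hops = hops_from(inventory, entry_net)
    backends = [vm for vm, (role, _) in inventory.items() if role == "backend"]
    return {
        # Backend with a vNIC on the entry network: direct access is possible.
        "exposed": sorted(vm for vm in backends if hops.get(vm) == 0),
        # Backend reachable only through N intermediate hosts.
        "behind_hosts": {vm: hops[vm] for vm in backends if hops.get(vm, 0) > 0},
        # Backend with no path from the entry network at all.
        "unreachable": sorted(vm for vm in backends if vm not in hops),
    }

if __name__ == "__main__":
    for name, inv in (("two private", TWO_PRIVATE), ("zero private", ZERO_PRIVATE)):
        print(name, audit(inv))
```

Any backend listed under `exposed` has the direct-access path that the private-network layout is meant to remove.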